Operation Celestial Force Employing Android And Windows Malware To Attack Indian Users

Cosmic Leopard, a Pakistani threat actor group, has been conducting a multi-year cyber espionage campaign named Operation Celestial Force that targets Indian entities. Since 2018, the group has used GravityRAT malware, initially for Windows and later for Android, deployed through malicious documents and social engineering. In 2019, it expanded its toolkit with HeavyLift, a malware loader distributed via fake installers. Each campaign within the operation is managed through custom “GravityAdmin” panels. The operation highlights the need for user education on cyber hygiene and for defense-in-depth security models.

[Image: malicious drop site delivering HeavyLift.]

Source: GBHackers

 

